abide_dev_utils 0.8.1 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 550d53a5583b4befefc9cb5b2cd2ae41dab12dac51d6fe564067d8ad6113daf4
-  data.tar.gz: 62edfb6d0145ec674ad2cf70eb09b37008075bbe7215c3aba7b0c82988b49cb7
+  metadata.gz: 66f347b83cd235bff425a1300f86095cd212550c2948438bec76dded1f367f2c
+  data.tar.gz: c4c2ea76f96d88d8bcb89aedeaea795deafc8641addcb729cfba89a3eb383ade
 SHA512:
-  metadata.gz: 336b80d3b41db5c839de238d7b3308bcd02b4cad1e339fb2b5879cbb7e132cbf3b8b8432f2ba6c0c2fa0825491fb042817a6225594433fba058eacfdeb6f510c
-  data.tar.gz: a8e34b36f2bdd51d4d7bf467b91c3f01e7507ea5315a864a564f4c830d43768f98de88075569643205d8c5c43ea8113a1c0afed011a708367a3c66771e10534f
+  metadata.gz: 6cc7f7c3a93bab84f56c00a43ecbace096eb82db3363cdd2a43e41a16da13467c0d612f081cfec30c908563c1e5977e19d913f81362b06db8a03f12236c661f7
+  data.tar.gz: ed7c670cce6b50b14eb9c82f4a3020078bf7f03e15ef4f687ff1925c6505d48accfd9211e1c0ff6e2bbbf68d9664e4bf22242fb01624c223b939f4545889c804

data/lib/abide_dev_utils/cli/xccdf.rb

@@ -16,6 +16,42 @@ module Abide
         add_command(CmdParse::HelpCommand.new, default: true)
         add_command(XccdfToHieraCommand.new)
         add_command(XccdfDiffCommand.new)
+        add_command(XccdfGenMapCommand.new)
+      end
+    end
+
+    class XccdfGenMapCommand < CmdParse::Command
+      CMD_NAME = 'gen-map'
+      CMD_SHORT = 'Generates mappings from XCCDF files'
+      CMD_LONG = 'Generates mappings for CEM modules from 1 or more XCCDF files as YAML'
+      def initialize
+        super(CMD_NAME, takes_commands: false)
+        short_desc(CMD_SHORT)
+        long_desc(CMD_LONG)
+        options.on('-b [TYPE]', '--benchmark-type [TYPE]', 'XCCDF Benchmark type CIS by default') { |b| @data[:type] = b }
+        options.on('-d [DIR]', '--files-output-directory [DIR]', 'Directory to save files data/mappings by default') { |d| @data[:dir] = d }
+        options.on('-q', '--quiet', 'Show no output in the terminal') { @data[:quiet] = true }
+        options.on('-p [PREFIX]', '--parent-key-prefix [PREFIX]', 'A prefix to append to the parent key') do |p|
+          @data[:parent_key_prefix] = p
+        end
+      end
+
+      def execute(xccdf_file)
+        if @data[:quiet] && !@data[:dir]
+          AbideDevUtils::Output.simple("I don\'t know how to quietly output to the console\n¯\\_(ツ)_/¯") 
+          exit 1
+        end
+        @data[:console] = true if @data[:dir].nil?
+        @data[:type] = 'cis' if @data[:type].nil?
+        @data[:parent_key_prefix] = '' if @data[:parent_key_prefix].nil?
+        hfile = AbideDevUtils::XCCDF.gen_map(xccdf_file, **@data)
+        mapping_dir = File.dirname(hfile.keys[0]) unless @data[:dir].nil?
+        AbideDevUtils::Output.simple("Creating directory #{mapping_dir}") unless @data[:quiet] || @data[:console] || @data[:dir].nil?
+        FileUtils.mkdir_p(mapping_dir) unless @data[:console] || @data[:dir].nil?
+        hfile.each do |key, val|
+          file_path = @data[:dir].nil? ? nil : key
+          AbideDevUtils::Output.yaml(val, console: @data[:console], file: file_path)
+        end
       end
     end
 

data/lib/abide_dev_utils/errors/general.rb

@@ -53,5 +53,9 @@ module AbideDevUtils
     class NotHashableError < GenericError
       @default = 'Object does not respond to #to_hash or #to_h:'
     end
+
+    class CliOptionsConflict < GenericError
+      @default = "Console options conflict."
+    end
   end
 end

data/lib/abide_dev_utils/errors/xccdf.rb

@@ -20,5 +20,9 @@ module AbideDevUtils
     class ProfilePartsError < GenericError
       @default = 'Failed to extract parts from profile name:'
     end
+
+    class UnsupportedXCCDFError < GenericError
+      @default = "XCCDF type is unsupported!"
+    end
   end
 end

data/lib/abide_dev_utils/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module AbideDevUtils
-  VERSION = "0.8.1"
+  VERSION = "0.9.0"
 end

data/lib/abide_dev_utils/xccdf.rb

@@ -10,6 +10,17 @@ require 'abide_dev_utils/output'
 module AbideDevUtils
   # Contains modules and classes for working with XCCDF files
   module XCCDF
+    # Generate map for CEM
+    def self.gen_map(xccdf_file, opts)
+      type = opts.fetch(:type, 'cis')
+      case type.downcase
+      when 'cis'
+        new_map = Benchmark.new(xccdf_file).gen_map(**opts)
+      else
+        raise AbideDevUtils::Errors::UnsupportedXCCDFError, "XCCDF type #{type} is unsupported!"
+      end
+    end
+
     # Converts and xccdf file to a Hiera representation
     def self.to_hiera(xccdf_file, opts)
       type = opts.fetch(:type, 'cis')
@@ -17,7 +28,7 @@ module AbideDevUtils
       when 'cis'
         Benchmark.new(xccdf_file).to_hiera(**opts)
       else
-        AbideDevUtils::Output.simple("XCCDF type #{type} is unsupported!")
+        raise AbideDevUtils::Errors::UnsupportedXCCDFError, "XCCDF type #{type} is unsupported!"
       end
     end
 
@@ -218,6 +229,20 @@ module AbideDevUtils
         profiles.select { |x| x.title == profile_title }.controls
       end
 
+      def gen_map(dir: nil, type: 'CIS', parent_key_prefix: '', **_)
+        os, ver = facter_platform
+        if dir
+          mapping_dir = File.expand_path(File.join(dir, type, os, ver))
+        else
+          mapping_dir = ''
+        end
+        parent_key_prefix = parent_key_prefix.nil? ? nil : ''
+        ['title', 'hiera_title', 'hiera_title_num', 'number'].each_with_object({}) do |idx, h|
+          map_file_path = "#{mapping_dir}/#{idx}.yaml"
+          h[map_file_path] = map_indexed(index: idx, framework: type, key_prefix: parent_key_prefix)
+        end
+      end
+
       def find_cis_recommendation(name, number_format: false)
         profiles.each do |profile|
           profile.controls.each do |ctrl|
@@ -261,6 +286,43 @@ module AbideDevUtils
         controls.diff(other.controls)
       end
 
+      def map_indexed(index: 'title', framework: 'cis', key_prefix: '')
+        all_indexes = ['title', 'hiera_title', 'hiera_title_num', 'number']
+        c_map = profiles.each_with_object({}) do |profile, obj|
+          controls_hash = profile.controls.each_with_object({}) do |ctrl, hsh|
+            real_index = if index == 'hiera_title_num'
+                           ctrl.hiera_title(number_format: true)
+                         elsif index == 'title'
+                           resolve_control_reference(ctrl).xpath('./xccdf:title').text
+                         else
+                           ctrl.send(index.to_sym)
+                         end
+             controls_array = all_indexes.each_with_object([]) do |idx_sym, ary|
+              next if idx_sym == index
+    
+              item = if idx_sym == 'hiera_title_num'
+                       ctrl.hiera_title(number_format: true)
+                     elsif idx_sym == 'title'
+                       resolve_control_reference(ctrl).xpath('./xccdf:title').text
+                     else
+                       ctrl.send(idx_sym.to_sym)
+                     end
+              ary << "#{item}"
+            end
+            hsh["#{real_index.to_s}"] = controls_array.sort
+          end
+          obj[profile.level.downcase] = {profile.title.downcase => controls_hash.sort_by { |k, _| k }.to_h }
+        end
+        mappings = [framework, index]
+        mappings.unshift(key_prefix) unless key_prefix.empty?
+        { mappings.join('::') => c_map }.to_yaml
+      end
+    
+      def facter_platform
+        cpe = xpath('xccdf:Benchmark/xccdf:platform')[0]['idref'].split(':')
+        [cpe[4].split('_')[0], cpe[5].split('.')[0]]
+      end
+
       # Converts object to Hiera-formatted YAML
       # @return [String] YAML-formatted string
       def to_hiera(parent_key_prefix: nil, num: false, levels: [], titles: [], **_kwargs)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: abide_dev_utils
 version: !ruby/object:Gem::Version
-  version: 0.8.1
+  version: 0.9.0
 platform: ruby
 authors:
 - abide-team
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-10-14 00:00:00.000000000 Z
+date: 2021-11-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri